433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

AI red teaming agents change how LLMs get tested

Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source frameworks including Microsoft’s PyRIT, NVIDIA’s Garak, and Promptfoo. The catalog has grown faster than any operator can fluently navigate it, and that mismatch is changing how AI red teaming gets done. A wave of recent … More → The post AI red teaming agents change how LLMs get tested appeared first on Help Net Security.
http://news.poseidon-us.com/TSf8Rb

Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin

Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and account exposure. I have used Bitdefender Mobile Security for iOS for the last two years. It was easy to install, easy to use, and I have not noticed any impact on device performance. The app combines web protection, scam detection, privacy tools, account monitoring, and VPN capabilities. Dashboard and … More → The post Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin appeared first on Help Net Security.
http://news.poseidon-us.com/TSf8RB

Cyber threats push SMBs to spend more on security

Cybersecurity has become a key priority for small and medium-sized businesses due to growing threats and wider AI adoption. An IDC survey of 2,200 SMBs in eight markets examined how organizations manage cyber risks, prepare for AI-related threats, and handle third-party vendor security. Top business priorities for the year (Source: IDC) 60% of SMBs expect to increase cybersecurity spending over the next 12 months. The findings show that businesses continue to rely on reactive approaches … More → The post Cyber threats push SMBs to spend more on security appeared first on Help Net Security.
http://news.poseidon-us.com/TSf4KX

Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect parsing of a transitive BGP attribute. An attacker could exploit this vulnerability by sending a crafted BGP update through an established BGP peer session. If the update propagates to an affected device, it could cause the device to drop the BGP session and flap with the BGP peer that is forwarding this update, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx Security Impact Rating: Medium CVE: CVE-2026-20171
http://news.poseidon-us.com/TSdhyP

Cisco Secure Workload Unauthorized API Access Vulnerability

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.  This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy Security Impact Rating: Critical CVE: CVE-2026-20223
http://news.poseidon-us.com/TSdhyF

Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability

A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An authenticated attacker could exploit this vulnerability by uploading a crafted certificate to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5 Security Impact Rating: Medium CVE: CVE-2026-20199
http://news.poseidon-us.com/TSdhxr

Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability

A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ThousandEyes Enterprise Agent, and no customer action is needed. This vulnerability was due to insufficient input validation of command arguments that are supplied by the user. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by authenticating to the ThousandEyes SaaS and submitting crafted input into the affected parameter. A successful exploit could have allowed the attacker to execute arbitrary commands within the BrowserBot container as the node user. To exploit this vulnerability, the attacker must have valid user credentials for the ThousandEyes SaaS and the ability to manage transaction tests. As mentioned, Cisco has addressed this vulnerability in the ThousandEyes service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn Security Impact Rating: Medium CVE: CVE-2026-20206
http://news.poseidon-us.com/TSdhxM

Webworm APT targets European government organizations with new backdoors

ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially focused on targets in Asia, but has recently expanded its operations into Europe. ESET observed Webworm targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain during 2025. The group also expanded its activity into South Africa, where researchers identified activity involving a local university. Discord … More → The post Webworm APT targets European government organizations with new backdoors appeared first on Help Net Security.
http://news.poseidon-us.com/TSdcBk